<?php
// Bootstrap for the WeChat OAuth callback: open the PHP session that will
// carry the logged-in member id, pin the timezone used by date(), and declare
// the response charset.
// NOTE(review): session cookie flags (HttpOnly / Secure) are not set in this
// file; confirm they are configured in php.ini or the included config.
session_start();
ini_set('date.timezone', 'Asia/Shanghai');

// Kept as a variable because the rest of the script (or the included config)
// may read it; it is only used for the Content-Type header here.
$input_charset = "utf-8";
header("content-type:text/html; charset={$input_charset}");

include("../include/config.inc.php");

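// WeChat OAuth2 callback, step 1: exchange the one-time `code` from the
// redirect for an access token and the user's openid.

// NOTE(review): the app secret is hard-coded in a web-served source file.
// Anyone who can read this file (repository access, backups, a server that
// ever serves .php as text) can act as this app against the WeChat API.
// Load it from configuration kept outside the web root and version control,
// and rotate the value that has been committed here.
$appid='wxc932d20884c7855b';
$appsecret='3285c89e7d3c804104482c3e1a38b301';

// Reference only: sample authorize URL that sends the user to this callback.
//$url='https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxa4cf994a9d00afb8&redirect_uri=http%3A%2F%2Fwx.wycn.com%2F/1ykdx/UserInfo.php&response_type=code&scope=snsapi_userinfo&state=123&connect_redirect=1#wechat_redirect';

// Both parameters come straight from the query string, so they are
// attacker-controlled. The keys are quoted (a bare `code` is an undefined
// constant) and non-string values such as `code[]=x` are treated as missing.
$code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
$back = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
// NOTE(review): `state` is used below as a return URL and is never compared
// with a value stored in the session, so this callback is not bound to the
// browser that started the login. Confirm how the authorize link is built and
// consider a per-session nonce.
// Reading `mobile` from the request was disabled earlier, so $mobile is not
// set by this script.

$token = null;
$opendid = '';
$access_token = '';
if ($code !== '') {
	// Every query value is URL-encoded so that a crafted `code` cannot append
	// or override parameters of the request sent to the WeChat API.
	$token_url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.rawurlencode($appid).'&secret='.rawurlencode($appsecret).'&code='.rawurlencode($code).'&grant_type=authorization_code';
	$token_raw = file_get_contents($token_url);
	// A failed request or a non-JSON body leaves $token as null instead of
	// being dereferenced.
	$token = ($token_raw === false) ? null : json_decode($token_raw);
	if (is_object($token)) {
		if (isset($token->openid) && is_scalar($token->openid)) {
			$opendid = (string)$token->openid;
		}
		if (isset($token->access_token) && is_scalar($token->access_token)) {
			$access_token = (string)$token->access_token;
		}
	}
}

if($opendid==''){
	echo "<SCRIPT LANGUAGE=\"JavaScript\">location.href='login.php'</SCRIPT>";
	// Stop here: without this the script carried on into the member lookup
	// and session setup with an empty openid, i.e. with no verified identity.
	exit;
}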

//$_SESSION[tableprefix.'weixin_opendid_2017'] = $opendid;
//echo $opendid;
//echo "<br/>";
//echo $access_token;
//exit;

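// WeChat OAuth2 callback, step 2: fetch the user's public profile with the
// access token and copy the fields this site stores.
//
// Every profile value originates from the user's WeChat account (the nickname
// is free text), so treat $data and the variables derived from it as untrusted
// input wherever they reach SQL or HTML.
$info_url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.rawurlencode((string)$access_token).'&openid='.rawurlencode((string)$opendid).'&lang=zh_CN';
$info_raw = file_get_contents($info_url);
// A failed request or an unparsable body yields null rather than a fatal
// property access on a non-object.
$info = ($info_raw === false) ? null : json_decode($info_raw);

// Local key => field name in the userinfo response.
$profile_fields = array(
	'nickname' => 'nickname',
	'image'    => 'headimgurl',
	'sex'      => 'sex',
	'language' => 'language',
	'city'     => 'city',
	'province' => 'province',
	'country'  => 'country',
);
foreach ($profile_fields as $local_key => $remote_key) {
	// Missing fields (for example an error response) and non-scalar values
	// become an empty string so later string interpolation stays predictable.
	$data[$local_key] = (is_object($info) && isset($info->$remote_key) && is_scalar($info->$remote_key))
		? $info->$remote_key
		: '';
}

$nickname=$data['nickname'];
$image=$data['image'];
$sex=$data['sex'];
$language=$data['language'];
$city=$data['city'];
$province=$data['province'];
$country=$data['country'];
// Human-readable timestamp stored with the weixin row.
$time=date("Y-m-d H:i:s",time());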
//print_r($info);
//echo $data['image'];
//exit;

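// WeChat OAuth2 callback, step 3: map the openid to a local member (creating
// the weixin and member rows on first login), store the member id in the
// session and send the browser on to its destination.
//
// Reads $opendid, $access_token, $back and the profile variables set earlier
// in this script; uses $db, tableprefix, GetIP(), GetValueByKey() and
// GotoPage() from the included config. Always ends the request.

// With no openid the earlier check in this script has already emitted the
// redirect to login.php. Never fall through to the lookup below, which would
// otherwise log the visitor in as whatever row has an empty openid.
if ($opendid == '') {
	$db->close();
	exit;
}

// $mobile is not assigned anywhere in this script any more; default it so the
// inserts below do not read an undefined variable.
$mobile = isset($mobile) ? $mobile : '';
$ip = GetIP();

// Escape every value that is interpolated into SQL. The profile fields come
// from the user's WeChat account, and GetIP() is defined elsewhere and may
// read client-supplied headers - TODO confirm. This file already depends on
// ext/mysql (mysql_query, mysql_insert_id); assumes the included config has
// opened that connection before this point - TODO confirm. If $db offers
// prepared statements, prefer them over escaping.
$q = array();
$sql_values = array(
	'opendid'  => $opendid,
	'token'    => $access_token,
	'mobile'   => $mobile,
	'nickname' => $nickname,
	'image'    => $image,
	'sex'      => $sex,
	'language' => $language,
	'city'     => $city,
	'province' => $province,
	'country'  => $country,
	'ip'       => $ip,
);
foreach ($sql_values as $sql_key => $sql_value) {
	$q[$sql_key] = mysql_real_escape_string((string)$sql_value);
}

// `state` is request input. Only follow it when it stays on this site: a
// relative path, or an absolute http(s) URL whose host matches the current
// request. Anything else (other hosts, javascript:/data: schemes, backslashes
// or control characters that browsers normalise into "//") is ignored and the
// default page is used instead.
$back_js = '';
if (is_string($back) && $back !== '' && !preg_match('/[\x00-\x20\x7f\\\\]/', $back)) {
	$back_parts = parse_url($back);
	$back_ok = false;
	if (is_array($back_parts)) {
		$has_scheme = isset($back_parts['scheme']);
		$has_host = isset($back_parts['host']);
		if (!$has_scheme && !$has_host && strpos($back, '//') !== 0) {
			$back_ok = true;
		} elseif ($has_scheme && $has_host && isset($_SERVER['HTTP_HOST'])
			&& in_array(strtolower($back_parts['scheme']), array('http', 'https'), true)
			&& strtolower($back_parts['host']) === strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']))) {
			$back_ok = true;
		}
	}
	if ($back_ok) {
		// Encode as a JavaScript string literal so quotes or "</script>" in
		// the value cannot break out of the inline script.
		$encoded = json_encode($back, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
		if ($encoded !== false) {
			$back_js = $encoded;
		}
	}
}

$sql = "select count(*) as count from ".tableprefix."weixin where opendid='{$q['opendid']}'";
$row=$db->fetch_array($db->query($sql));
$count=$row["count"];// number of weixin rows for this openid
if($count<=0){
	// First login with this openid: record the WeChat account, then create
	// the local member it belongs to.
	$sql="insert into ".tableprefix."weixin(opendid,token,mobile,nickname,image,sex,language,city,province,country,ip,time) values ('{$q['opendid']}','{$q['token']}','{$q['mobile']}','{$q['nickname']}','{$q['image']}','{$q['sex']}','{$q['language']}','{$q['city']}','{$q['province']}','{$q['country']}','{$q['ip']}','$time')";
	mysql_query("set names utf8");
	$db->query($sql);

	$time=time();
	$member_name="YX".$time;
	// The placeholder password used to be md5() of the same timestamp that is
	// embedded in the member name, so it could be derived from the name.
	// Store the md5 of random bytes instead; the column format is unchanged.
	// NOTE(review): confirm nothing else recomputes the old value.
	if (function_exists('random_bytes')) {
		$passwd_seed = random_bytes(16);
	} elseif (function_exists('openssl_random_pseudo_bytes')) {
		$passwd_seed = openssl_random_pseudo_bytes(16);
	} else {
		$passwd_seed = uniqid(mt_rand(), true);
	}
	$member_passwd=md5($passwd_seed);
	$member_mobile_bind='1';
	$member_login_num='1';
	$member_points='20';        // starting points for a new member
	$member_provinceid='19';
	$member_areainfo='广东省';
	$sql="insert into ".tableprefix."member(member_name,member_avatar,member_passwd,member_mobile,member_mobile_bind,member_login_num,member_time,member_login_time,member_old_login_time,member_login_ip,member_old_login_ip,member_points,member_provinceid,member_areainfo)values('$member_name','{$q['image']}','$member_passwd','{$q['mobile']}','$member_mobile_bind','$member_login_num','$time','$time','$time','{$q['ip']}','{$q['ip']}','$member_points','$member_provinceid','$member_areainfo')";
	$db->query($sql);
	if(!$db->error()){
		$member_id = mysql_insert_id();
		$sql="update ".tableprefix."weixin set member_id='$member_id' where opendid='{$q['opendid']}'";
		$db->query($sql);
		if(!$db->error()){
			// New session id at the moment of login, so an id planted in the
			// browser before authentication does not become a logged-in one.
			session_regenerate_id(true);
			$_SESSION[tableprefix.'sys_member_id_2017'] = $member_id;
			if($back_js!==''){
				echo "<script>location.href=".$back_js.";</script>";
			}else{
				echo "<script>location.href='index.php';</script>";
			}
		}else{
			echo "<script>alert('数据库出错，请重新登陆。');location.href='login.php';</script>";
		}
	}
	else
	{
		echo "<script>alert('数据库出错，请重新登陆。');location.href='login.php';</script>";
	}
	$db->close();
	exit;
}else{
	// Returning user: look up the linked member, log them in and update the
	// login counters (+30 points and +5 experience points per login).
	$s="select member_id from ".tableprefix."weixin where opendid='{$q['opendid']}'";
	$res=$db->query($s);
	$rs=$db->fetch_array($res);
	$member_id = $rs["member_id"];
	$is_seller=GetValueByKey(tableprefix."member","member_id",$member_id,"is_seller");
	session_regenerate_id(true);
	$_SESSION[tableprefix.'sys_member_id_2017'] = $member_id;
	$time=time();
	$q_member_id=mysql_real_escape_string((string)$member_id);
	$sql="update ".tableprefix."member set member_login_num=member_login_num+1,member_points=member_points+30,member_exppoints=member_exppoints+5,member_login_ip='{$q['ip']}',member_login_time='$time' where member_id='$q_member_id'";
	$db->query($sql);
	if(!$db->error()){
		if($back_js!==''){
			echo "<script>location.href=".$back_js.";</script>";
		}elseif($is_seller==1){
			GotoPage('seller.php');
		}else{
			GotoPage('index.php');
		}
	}else{
		GotoPage('login.php');
	}
	// Free the result of the member_id lookup (the original passed an
	// undefined $result here).
	$db->free_result($res);
	$db->close();
	exit;
}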
?>